package org.apache.hadoop.ozone;

import java.io.File;
import java.io.IOException;
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.nio.file.Path;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.hadoop.hdds.annotation.InterfaceAudience;
import org.apache.hadoop.hdds.annotation.InterfaceStability;
import org.apache.hadoop.hdds.conf.ConfigurationSource;
import org.apache.hadoop.hdds.security.x509.certificate.utils.CertificateCodec;
import org.apache.hadoop.ozone.shaded.org.apache.commons.validator.routines.InetAddressValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@InterfaceStability.Evolving
@InterfaceAudience.Private
/* loaded from: input_file:org/apache/hadoop/ozone/OzoneSecurityUtil.class */
public final class OzoneSecurityUtil {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) OzoneSecurityUtil.class);
    private static final Set<String> INVALID_IPS = new HashSet(Arrays.asList("0.0.0.0", "127.0.0.1"));

    private OzoneSecurityUtil() {
    }

    public static boolean isSecurityEnabled(ConfigurationSource configurationSource) {
        return configurationSource.getBoolean(OzoneConfigKeys.OZONE_SECURITY_ENABLED_KEY, false);
    }

    public static boolean isHttpSecurityEnabled(ConfigurationSource configurationSource) {
        return isSecurityEnabled(configurationSource) && configurationSource.getBoolean(OzoneConfigKeys.OZONE_HTTP_SECURITY_ENABLED_KEY, false);
    }

    public static boolean checkIfFileExist(Path path, String str) {
        File file = path.toFile();
        return file.exists() && new File(file, str).exists();
    }

    public static List<InetAddress> getValidInetsForCurrentHost() throws IOException {
        ArrayList arrayList = new ArrayList();
        InetAddressValidator inetAddressValidator = InetAddressValidator.getInstance();
        Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
        if (networkInterfaces == null) {
            throw new IOException("Unable to get network interfaces.");
        }
        while (networkInterfaces.hasMoreElements()) {
            NetworkInterface nextElement = networkInterfaces.nextElement();
            if (nextElement.isUp()) {
                Enumeration<InetAddress> inetAddresses = nextElement.getInetAddresses();
                while (inetAddresses.hasMoreElements()) {
                    InetAddress nextElement2 = inetAddresses.nextElement();
                    String hostAddress = nextElement2.getHostAddress();
                    if (INVALID_IPS.contains(hostAddress) || !inetAddressValidator.isValid(hostAddress)) {
                        LOG.info("ip:{} not returned.", hostAddress);
                    } else {
                        LOG.info("Adding ip:{},host:{}", hostAddress, nextElement2.getHostName());
                        arrayList.add(nextElement2);
                    }
                }
            }
        }
        return arrayList;
    }

    public static List<X509Certificate> convertToX509(List<String> list) throws IOException {
        ArrayList arrayList = new ArrayList(list.size());
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            try {
                arrayList.add(CertificateCodec.getX509Certificate(it.next()));
            } catch (CertificateException e) {
                LOG.error("Error while converting to X509 format", (Throwable) e);
                throw new IOException(e);
            }
        }
        return arrayList;
    }
}
